forked from freedomofpress/securedrop
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
updated deprecated include: directives in ansible config
- Loading branch information
1 parent
60573a5
commit dbe550c
Showing
19 changed files
with
60 additions
and
60 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,15 +1,15 @@ | ||
| --- | ||
| - include: app_install_fpf_deb_pkgs.yml | ||
| - include_tasks: app_install_fpf_deb_pkgs.yml | ||
| when: securedrop_app_install_from_repo | ||
|
|
||
| - include: initialize_securedrop_app.yml | ||
| - include_tasks: initialize_securedrop_app.yml | ||
|
|
||
| - include: copy_tor_url_info_to_app_dir.yml | ||
| - include_tasks: copy_tor_url_info_to_app_dir.yml | ||
|
|
||
| # If HTTPS is enabled, certs must land before Apache vhost configs | ||
| # are written, otherwise the Apache enmod tasks will fail. | ||
| - include: copy_ssl_certs.yml | ||
| - include_tasks: copy_ssl_certs.yml | ||
| when: | ||
| - securedrop_app_https_on_source_interface | ||
|
|
||
| - include: install_and_harden_apache.yml | ||
| - include_tasks: install_and_harden_apache.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,2 +1,2 @@ | ||
| --- | ||
| - include: backup.yml | ||
| - include_tasks: backup.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,29 +1,29 @@ | ||
| --- | ||
| - include_vars: "{{ ansible_distribution }}_{{ ansible_distribution_release }}.yml" | ||
|
|
||
| - include: apt_sources.yml | ||
| - include_tasks: apt_sources.yml | ||
|
|
||
| - include: apt_upgrade.yml | ||
| - include_tasks: apt_upgrade.yml | ||
|
|
||
| - include: install_packages.yml | ||
| - include_tasks: install_packages.yml | ||
|
|
||
| - include: post_ubuntu_install_checks.yml | ||
| - include_tasks: post_ubuntu_install_checks.yml | ||
|
|
||
| - include: create_users.yml | ||
| - include_tasks: create_users.yml | ||
|
|
||
| - include: setup_etc_hosts.yml | ||
| - include_tasks: setup_etc_hosts.yml | ||
|
|
||
| - include: harden_dns.yml | ||
| - include_tasks: harden_dns.yml | ||
|
|
||
| - include: unattended_upgrades.yml | ||
| - include_tasks: unattended_upgrades.yml | ||
| tags: | ||
| - ua | ||
| - reboot | ||
|
|
||
| - include: remove_unused_packages.yml | ||
| - include_tasks: remove_unused_packages.yml | ||
|
|
||
| - include: sysctl.yml | ||
| - include_tasks: sysctl.yml | ||
|
|
||
| - include: disable_swap.yml | ||
| - include_tasks: disable_swap.yml | ||
|
|
||
| - include: remove_kernel_modules.yml | ||
| - include_tasks: remove_kernel_modules.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,17 +1,17 @@ | ||
| --- | ||
| # Check whether grsecurity is already configured, | ||
| # since that fact will be used in multiple includes. | ||
| - include: check_installation.yml | ||
| - include_tasks: check_installation.yml | ||
|
|
||
| # Install the grsec kernel prior to running unattended-upgrades to avoid | ||
| # reboots | ||
| - include: from_fpf_repo_install_grsec.yml | ||
| - include_tasks: from_fpf_repo_install_grsec.yml | ||
| tags: | ||
| - grsec | ||
|
|
||
| - include: clean_packages.yml | ||
| - include_tasks: clean_packages.yml | ||
|
|
||
| - include: apply_grsec_lock.yml | ||
| - include_tasks: apply_grsec_lock.yml | ||
| tags: | ||
| - reboot | ||
| - grsec |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,8 +1,8 @@ | ||
| --- | ||
| - include: configure_client.yml | ||
| - include_tasks: configure_client.yml | ||
| when: ossec_is_client | ||
|
|
||
| - include: configure_server.yml | ||
| - include_tasks: configure_server.yml | ||
| when: ossec_is_server | ||
|
|
||
| - include: register.yml | ||
| - include_tasks: register.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,9 +1,9 @@ | ||
| --- | ||
| - include: install_postfix.yml | ||
| - include_tasks: install_postfix.yml | ||
|
|
||
| - include: install_procmail.yml | ||
| - include_tasks: install_procmail.yml | ||
|
|
||
| # Configure SSL certificates for SMTP relay if manual | ||
| # overrides are declared. See default vars | ||
| # `smtp_relay_cert_override_file` and `smtp_relay_cert_override_dir`. | ||
| - include: configure_custom_cert.yml | ||
| - include_tasks: configure_custom_cert.yml |
4 changes: 2 additions & 2 deletions
4
install_files/ansible-base/roles/reboot-if-first-install/tasks/main.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,7 +1,7 @@ | ||
| --- | ||
| - include: check_whether_reboot_needed.yml | ||
| - include_tasks: check_whether_reboot_needed.yml | ||
|
|
||
| - include: reboot-no-check.yml | ||
| - include_tasks: reboot-no-check.yml | ||
| # The conditional vars below are defined via set_fact | ||
| # in the `check_whether_reboot_needed` task list. | ||
| when: securedrop_initial_installation or securedrop_conditional_reboot |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,2 +1,2 @@ | ||
| --- | ||
| - include: reset-ssh-key.yml | ||
| - include_tasks: reset-ssh-key.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,11 +1,11 @@ | ||
| --- | ||
| - name: Apply backup to Application Server | ||
| include: perform_restore.yml | ||
| include_tasks: perform_restore.yml | ||
|
|
||
| - name: Remove deprecated v2 onion service configuration | ||
| include: cleanup_v2.yml | ||
| include_tasks: cleanup_v2.yml | ||
| when: not restore_skip_tor | ||
|
|
||
| - name: Restart Tor | ||
| include: update_tor.yml | ||
| include_tasks: update_tor.yml | ||
| when: not restore_skip_tor |
8 changes: 4 additions & 4 deletions
8
install_files/ansible-base/roles/restrict-direct-access/tasks/main.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,14 +1,14 @@ | ||
| --- | ||
| - include_vars: "{{ ansible_distribution }}_{{ ansible_distribution_release }}.yml" | ||
|
|
||
| - include: fetch_tor_config.yml | ||
| - include_tasks: fetch_tor_config.yml | ||
| when: fetch_tor_client_auth_configs | ||
|
|
||
| - include: dh_moduli.yml | ||
| - include_tasks: dh_moduli.yml | ||
|
|
||
| - include: ssh.yml | ||
| - include_tasks: ssh.yml | ||
|
|
||
| - include: iptables.yml | ||
| - include_tasks: iptables.yml | ||
| tags: | ||
| - iptables | ||
| - permissions |
6 changes: 3 additions & 3 deletions
6
install_files/ansible-base/roles/restrict_direct_access_app/tasks/main.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,7 +1,7 @@ | ||
| --- | ||
| - include: app_display_onions.yml | ||
| - include_tasks: app_display_onions.yml | ||
| tags: backup | ||
|
|
||
| - include: ssh.yml | ||
| - include_tasks: ssh.yml | ||
|
|
||
| - include: app_iptables.yml | ||
| - include_tasks: app_iptables.yml |
6 changes: 3 additions & 3 deletions
6
install_files/ansible-base/roles/restrict_direct_access_mon/tasks/main.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,7 +1,7 @@ | ||
| --- | ||
| - include: mon_display_onions.yml | ||
| - include_tasks: mon_display_onions.yml | ||
| tags: backup | ||
|
|
||
| - include: ssh.yml | ||
| - include_tasks: ssh.yml | ||
|
|
||
| - include: mon_iptables.yml | ||
| - include_tasks: mon_iptables.yml |
14 changes: 7 additions & 7 deletions
14
install_files/ansible-base/roles/tails-config/tasks/main.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,21 +1,21 @@ | ||
| --- | ||
| # Reuse validation logic. | ||
| - include: "{{ role_path }}/../validate/tasks/validate_tails_environment.yml" | ||
| - include_tasks: "{{ role_path }}/../validate/tasks/validate_tails_environment.yml" | ||
|
|
||
| - include: copy_dotfiles.yml | ||
| - include_tasks: copy_dotfiles.yml | ||
|
|
||
| - include: configure_torrc_additions.yml | ||
| - include_tasks: configure_torrc_additions.yml | ||
|
|
||
| - include: create_desktop_shortcuts.yml | ||
| - include_tasks: create_desktop_shortcuts.yml | ||
|
|
||
| - include: install_shell_extension.yml | ||
| - include_tasks: install_shell_extension.yml | ||
|
|
||
| - include: configure_network_hook.yml | ||
| - include_tasks: configure_network_hook.yml | ||
|
|
||
| - name: Check that we are on an admin workstation | ||
| stat: | ||
| path: group_vars/all/site-specific | ||
| register: site_specific_result | ||
|
|
||
| - include: create_ssh_aliases.yml | ||
| - include_tasks: create_ssh_aliases.yml | ||
| when: site_specific_result.stat.exists |
4 changes: 2 additions & 2 deletions
4
install_files/ansible-base/roles/tor-hidden-services/tasks/main.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| --- | ||
| - include: install_tor.yml | ||
| - include_tasks: install_tor.yml | ||
|
|
||
| - include: configure_tor_hidden_services.yml | ||
| - include_tasks: configure_tor_hidden_services.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,3 @@ | ||
| --- | ||
| - include: validate_tails_environment.yml | ||
| - include_tasks: validate_tails_environment.yml | ||
| when: securedrop_validate_tails_environment |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters